]>
Commit | Line | Data |
---|---|---|
28fe5d22 AM |
1 | --- php-5.6.17/ext/openssl/openssl.c~ 2016-01-06 16:14:47.000000000 +0100 |
2 | +++ php-5.6.17/ext/openssl/openssl.c 2016-02-02 18:15:39.118449615 +0100 | |
3 | @@ -4886,6 +4886,7 @@ PHP_FUNCTION(openssl_seal) | |
4 | memset(eks, 0, sizeof(*eks) * nkeys); | |
5 | key_resources = safe_emalloc(nkeys, sizeof(long), 0); | |
6 | memset(key_resources, 0, sizeof(*key_resources) * nkeys); | |
7 | + memset(pkeys, 0, sizeof(*pkeys) * nkeys); | |
8 | ||
9 | /* get the public keys we are using to seal this data */ | |
10 | zend_hash_internal_pointer_reset_ex(pubkeysht, &pos); | |
11 | @@ -4958,7 +4959,7 @@ PHP_FUNCTION(openssl_seal) | |
12 | ||
13 | clean_exit: | |
14 | for (i=0; i<nkeys; i++) { | |
15 | - if (key_resources[i] == -1) { | |
16 | + if (key_resources[i] == -1 && pkeys[i] != NULL) { | |
17 | EVP_PKEY_free(pkeys[i]); | |
18 | } | |
19 | if (eks[i]) { | |
20 | diff --git a/ext/openssl/tests/bug71475.phpt b/ext/openssl/tests/bug71475.phpt | |
21 | new file mode 100644 | |
22 | index 0000000..680753d | |
23 | --- /dev/null | |
24 | +++ b/ext/openssl/tests/bug71475.phpt | |
25 | @@ -0,0 +1,16 @@ | |
26 | +--TEST-- | |
27 | +Bug #71475: openssl_seal() uninitialized memory usage | |
28 | +--SKIPIF-- | |
29 | +<?php | |
30 | +if (!extension_loaded("openssl")) die("skip openssl not loaded"); | |
31 | +?> | |
32 | +--FILE-- | |
33 | +<?php | |
34 | +$_ = str_repeat("A", 512); | |
35 | +openssl_seal($_, $_, $_, array_fill(0,64,0)); | |
36 | +?> | |
37 | +DONE | |
38 | +--EXPECTF-- | |
39 | + | |
40 | +Warning: openssl_seal(): not a public key (1th member of pubkeys) in %s/bug71475.php on line %d | |
41 | +DONE | |
42 | \ No newline at end of file |